Arsenal

Brought to you by:

Personalization by search providers is intended to be helpful, but can also represent a form of censorship. To address the potential issues created by these "filter bubbles" we have developed a free tool called Bobble. Bobble uses a global, Tor-like network (PlanetLab) to depersonalize search results.

Cuckoo Sandbox is an open source tool for automating malware analysis, born under the umbrella of The Honeynet Project and evolved into becoming a leading solution adopted by organizations and researchers worldwide.

It performs dynamic analysis of given malware artifacts of any nature or malicious URLs and thanks to its highly customizable nature, it provides the analyst flexibility to perform any sort of automated forensic investigation. It's mainly written in Python and C and it's designed to be highly modular, easy to integrate and completely independent.

CuckooMX is a tool which interconnects with your MTA (currently Postfix) and automatically submit decoded attachments to a Cuckoo instance.
The goal is to automatically analyze all piece of crap received in your mailboxes.

HookME is a software designed for intercepting communications by hooking the desired process and hooking the API calls for sending and receiving network data. HookMe provides a nice graphic user interface allowing you to change the packet content in real time, dropping or forwarding the packet. It also has a python system plugin to extend the HookMe functionality.

Mercury is a framework for exploring the Android platform; to find vulnerabilities and share proof-of-concept exploits. Mercury allows you to assume the role of a low-privileged Android app, and to interact with other apps and the system. It allows the user to:

Use dynamic analysis on Android applications and devices for quicker security assessments

Share publicly known methods of exploitation on Android and proof-of-concept exploits for applications and devices

Xenotix XSS Exploit Framework is a penetration testing tool to detect and exploit XSS vulnerabilities in Web Applications. It is basically a payload list based XSS Scanner and XSS Exploitation kit. It is having the world's second largest XSS Payload list. It provides a penetration tester the ability to test all the XSS payloads available in the payload list against a web application to test for XSS vulnerabilities. The tool supports both manual mode and automated time sharing based test modes. The exploitation framework in the tool includes a XSS encoder, a victim side XSS keystroke logger, an Executable Drive-by downloader and a XSS Reverse Shell. These exploitation tools will help the penetration tester to create proof of concept attacks on vulnerable web applications during the creation of a penetration test report.

Prasadhak is useful in scenarios where you need to check basic "malware sanity" of a target. A powershell tool which checks running processes for malware by searching their hashes on virustotal database.

There will also be neat demos for off sec guys of my other tool Nishang - on demand!

As smartphones enter the workplace, sharing the network and accessing sensitive data, it is crucial to be able to assess the security posture of these devices in much the same way we perform penetration tests on workstations and servers. However, smartphones have unique attack vectors that are not currently covered by available industry tools. The smartphone penetration testing framework, the result of a DARPA Cyber Fast Track project, aims to provide an open source toolkit that addresses the many facets of assessing the security posture of these devices. We will look at the functionality of the framework including information gathering, exploitation, social engineering, and post exploitation through both a traditional IP network and through the mobile modem, showing how this framework can be leveraged by security teams and penetration testers to gain an understanding of the security posture of the smartphones in an organization. We will also show how to use the framework through a command line console, a graphical user interface, and a smartphone based app. Demonstrations of the framework assessing multiple smartphone platforms will be shown.

The Deck is a full-featured penetration testing Linux distribution that runs on the BeagleBoard-xM, BeagleBone, and similar platforms. A single device running The Deck can be used as a powerful drop box or as a replacement for a pentesting laptop. Thanks to the low power requirements of the Beagle devices, a device running The Deck can operate for days to weeks off of battery power. These devices are also easily hidden thanks to their small size.

The Deck debuted in September 2012 at the 44CON conference in London. The first add-on module the 4Deck (for USB forensics) was also released at that time. The second module, the MeshDeck, is being released March 15, 2013 at BlackHat Europe 2013. The MeshDeck adds 802.15.4 networking to The Deck which permits multiple devices to execute coordinated attacks. The MeshDeck also adds the ability to attack from a distance of up to 1.6km away.